ARS Privacy Policy

The ARS is committed to maintaining your trust by respecting and protecting your privacy. This Privacy Policy describes why and how we collect, use, share, and protect personal data collected from and about members, volunteers, donors, program participants, job applicants, and others – both online and offline. It also explains your choices regarding how we share your personal data and communicate with you, how you can request access to and correction of your personal data, and other important considerations. If you are less than 18 years of age, then you must first seek the consent of your parent or guardian prior to submitting any personal information.

Collection and Use

We collect and use personal data from or about you to help us support our non-profit mission and serve our membership. We collect such data in various ways, including data you provide to us, data we collect by automated means, and data we collect from other sources.

Sharing

Except as described in this Privacy Policy, we do not share your personal data with unaffiliated entities without your consent. We do share personal data with a limited number of Service Providers, which are unaffiliated entities that make available products or services and/or discounts to ARS members. These Service Providers are required to use the personal data only to offer, provide, maintain, and analyze the contracted products, services, or discounts. We also occasionally share personal data with select, unaffiliated non-profit organizations for use in their own social missions. We share personal data with vendors and social media networks we hire to provide services or perform business functions on our behalf, but these vendors are contractually required to treat the personal data the ARS provides as confidential, and to use the personal data only to provide the services the ARS has requested they perform on our behalf. Finally, we may share personal data pursuant to legal requirements, as necessary to protect ourselves, our members or others, or in connection with a business transfer or substantial transaction such as a sale, merger, consolidation or bankruptcy.

Security

We use administrative, technical, and physical security measures designed to protect personal data against accidental, unlawful, or unauthorized destruction, loss, alteration, access, disclosure, or use.

Choice

We strive to provide you reasonable choices regarding our collection, use, and sharing of your personal data. We provide you access to review and correct your personal data, provide you options regarding how we share personal data with ARS Service Providers and unaffiliated non-profit organizations, and provide you control over how we communicate with you, among other choices.

More Information

Please review the full Privacy Policy below for more complete details on how we collect, use, share, and protect your personal data, as well as the choices you have regarding our use and sharing of your personal data, along with other important considerations. Click on each heading below for details on the subject.

What This Privacy Policy Covers

This Privacy Policy applies to personal data, which we define as data that identifies or can reasonably be used to identify an individual (such as your name, address, email address, phone number) and data that is linked to such personal data (such as demographic data, ARS passwords, payment data, device and usage data, and location data). This Privacy Policy does not apply to data that is not personal data or is not linked to personal data, including anonymous, de-identified, or aggregate data, which cannot reasonably be used to identify you – even when such data has been derived from personal data.

Except as described below, this Privacy Policy applies to all operations of the ARS, a non-profit organization. This Privacy Policy applies when you communicate with us by mail, email, phone, social media, or in person, including at ARS events. This Privacy Policy also applies when you use ARS websites or applications designed for smartphones, tablets, computers, and other devices (“apps”), except where an ARS website or app points to a different governing policy or where a non-ARS policy explicitly applies.

By providing us your personal data or by using our websites or apps, you consent to our collection, use, and sharing of personal data as described in this Privacy Policy. Accordingly, we urge you to read it carefully and contact us with any questions as follows:

The collection and use of personal data (along with other kinds of data) is critical to the successful operation of most modern organizations – including the ARS. We collect and use personal data from or about you to support our non-profit mission and serve our membership, including to:

Perform other business functions consistent with our non-profit mission and serve our membership

Personal information will not be kept longer than is necessary for the purpose for which it was collected, i.e. to fulfill the benefits of your membership or to maintain the mission of the ARS, to include but not limited to marketing efforts for which consent has been granted. Unless information must be retained for legal or archival purposes, the ARS will make every reasonable effort to ensure that personal information will be destroyed, put beyond use or erased from ARS’ systems following a request from you to destroy or erase your personal information.

How We Collect Personal Data

Data You Provide

We collect your personal data when you choose to provide it as you interact with us in person, through correspondence, by phone, by social media, or through our websites or apps. For instance, when you join the ARS or register for an account on our websites or apps, you will be asked to provide basic personal data as part of your enrollment. Similarly, you may be asked to provide certain personal data when you participate in ARS events or meetings, respond to a survey, volunteer, request a program service, or apply for employment. For example, the personal data you provide might include:

Payment information, such as your payment card number and expiration date;

Demographic information, such as your age, year of birth, gender, and education, employment and occupation information;

Login and access credentials for your ARS website and app registrations, such as your username, password, password reminders and answers;

Content you create or submit, such as correspondence, photographs, survey responses, public forum or message board postings, social network information;

Communication preferences, such as which emails and newsletters you wish to receive, whether you wish to receive text messages or phone calls, and whether you wish to receive push notifications in our apps;

Information needed as part of a service program offering you request (e.g.,Coding and Health Policy Consulting Services)

Comments, feedback, posts and other content you provide to the ARS (including through an ARS vendor/partner website)

Employment application information, including the types of information described above, plus other employment-related data like social security number, employment status, employment history, education information, references, résumé, immigration status and ability to work legally in the United States, personal or family employment affiliation with ARS, and, on a voluntary basis, for our Equal Employment Opportunity compliance purposes for jobs located in the US, gender, race and ethnic background.

Data We Collect by Automated Means

We collect data (some of which may be personal data) by automated means when you interact with us through our websites and apps, and when we communicate with you by email or text message. We use standard technologies, including browser cookies, Web beacons, and third-party analytics services to collect this behavioral and operational data, which may be recorded and retained in web logs and other ARS systems.

The collection of such data is a common practice that supports digital services, and is used to provide customized digital experiences, as well as for market research, marketing, analytics, and system administration purposes. For example, we may use this data to determine whether you’ve previously visited our website, to store your preferences and settings, and to provide authentication processes so you can more easily access your account.

Examples of the data we may automatically collect as part of our website, app, and digital communication experiences include:

The website that referred you to our website, or that you visit upon leaving our website via a link from our site

The times and dates that you visit our websites or use our apps, and the duration of such use

Information about areas of our websites or apps that you visited or used, as well as specific content or advertisements you viewed or links you clicked

Information that identifies the precise physical location of your mobile device, based on your specific consent (we may use your IP address to generally estimate your location without seeking your specific consent – but such data does not provide a precise location)

Information collected through cookies, Web beacons, analytics tools, and other similar technologies

o A “cookie” is a small data file that a website sends to and stores on your device that allows the site to recognize your browser or store information or settings. The cookie itself does not contain personal data, but can be read by the entity that placed the cookie and may allow it to associate your device to personal data. We may use “persistent” and/or “session” cookies. Persistent cookies are stored on your computer and used for various purposes by your browser on subsequent website visits (such as to avoid having to reenter your log-on credentials). Session cookies are temporarily held in your computer’s memory and erased after you end a browser session or shut off your computer.

oA Web beacon (sometimes called transparent or single pixel “GIFs”) is an invisible digital object embedded in a webpage or email. Web beacons are typically used to monitor your interaction with the webpage or email. Web beacons can help us count visitors, determine whether emails are opened, how long a webpage is viewed, and perform similar functions. Our webpages may contain Web beacons from third parties, which help us compile aggregated statistics regarding the effectiveness of our ad campaigns and assess website operations.

o Analytics tools allow us to measure and assess how users interact with our websites, apps, and digital communications. These services are typically provided by third-parties with whom we contract – primarily Adobe and Google Analytics. These providers may use many of the same technologies discussed above (such as cookies and Web beacons) to collect various data points associated with your visits to our websites and use of our apps.

You have choices to limit the collection and use of some of this data as described in the Your Personal Data Choices section of this Privacy Policy.

Data We Collect From Other Sources

We may collect personal data about you from unaffiliated sources with whom we contract, such as product and service providers and data aggregators, as well as from public sources or databases. We may obtain data such as your name, postal address, telephone number, demographic data (such as age, gender, income level, and purchasing profiles), and publicly observed data (such as activity on blogs, videos, and other online postings). We generally use such data to identify potential members or other individuals we try to reach as part of our non-profit mission, to update personal data we already have about current members and other individuals (such as an address update), or to enhance our data models.

We may also purchase or license personal data lists from unaffiliated sources and provide access to those lists to other entities. We do not contribute personal data related to ARS members, volunteers, etc., to such lists.

We may also work with unaffiliated websites that allow you to sign up for an ARS membership or ARS emails directly from the third-party’s website. The personal data you provide on such sites is governed by that site’s privacy policy. But some or all the personal data you submit on such sites may also be shared with ARS and will be treated by ARS under the terms of this Privacy Policy when we receive it.

Data We Combine

We may combine personal data from various sources, and may combine non-personal data with personal data. When we do so, the combined information is treated as personal data under this policy unless it is later de-identified or otherwise disassociated from your personal data.

How We Share Personal Data

Except as described below, we do not share your personal data with unaffiliated entities (entities that are not owned or controlled by ARS) without your consent. We may, however, share anonymous, de-identified, or aggregate data, which cannot reasonably be used to identify you – even where it has been derived from personal data. Similarly, we may share personal data lists that we purchase or rent from unaffiliated sources as previously described. You may limit certain sharing of your personal data as described below in Your Personal Data Choices.

Service Providers. We may share personal data with ARS Service Providers, which are unaffiliated entities that make available products or services (such as insurance products or financial services) and/or discounts (such as at hotels or restaurants) to ARS members. Service Providers are required to treat the personal data the ARS provides as confidential, and to use the personal data only to offer, provide, maintain, and analyze the contracted products, services, or discounts to ARS members. Some of these Service Providers may collect personal data about our members through their own interactions with those members, and may share some or all of this data with ARS to help us provide more effective and personalized service. We will use such data in accordance with this Privacy Policy. The Service Providers’ own data collection and sharing practices are governed by their privacy policies, not this Privacy Policy.

Approved Vendors. We may share personal data with unaffiliated companies or individuals we hire to provide services or perform business functions on our behalf (such as print, mail, or email vendors; web hosting vendors; cloud service providers; consultants; digital advertising and analytics vendors; and contest or sweepstakes operators) because these vendors need access to the personal data to perform the functions we’ve requested of them. These vendors are contractually required to treat the personal data we provide as confidential, and to use the personal data only to provide the services we have requested they perform on our behalf.

Payment Processors. We may share your personal data with banks or other entities that process payment transactions or provide other financial services, and for fraud prevention and credit risk reduction purposes.

Select Non-profit Organizations. We may occasionally share personal data, or engage in “list exchanges,” with select non-profit organizations when we believe such data sharing is in the best interest of our members and non-profit mission.

ARS may also share your personal data with other third parties as follows:

Pursuant to Legal Requirements. We may disclose your personal data (1) if we believe we are required to do so by law, regulation or legal process, such as in response to a court order, subpoena, or similar investigative demand; (2) as we deem appropriate or necessary in response to requests for cooperation from a law enforcement agency, taxation authority, or other government agency; and (3) to defend against legal claims, exercise our legal rights, or as otherwise required by law.

To Protect Ourselves, Our Members, or Others. We may disclose your personal data when we believe disclosure is necessary (1) to investigate, prevent, or take action regarding illegal activity, suspected fraud, or other wrongdoing; (2) to protect and defend the rights, property, or safety of our organization, our members, our volunteers, our employees, our websites and apps users, or others; and (3) to enforce our terms and conditions or other agreements or policies.

In Connection With Business Transfers. We may disclose or transfer your personal data in the unlikely event of a substantial corporate transaction or negotiation involving ARS or a subsidiary (including, without limitation, in the event of a bankruptcy or non-bankruptcy reorganization, consolidation, dissolution, or liquidation), although the use of such data following the transfer will remain subject to the terms of this Privacy Policy.

How We Protect Personal Data

We use commercially reasonable administrative, technical, and physical security measures designed to protect personal data against accidental, unlawful, or unauthorized destruction, loss, alteration, access, disclosure, or use. Despite our safeguards, however, no website, app, or information system can ever be completely secure so we cannot guarantee that the use of our systems, websites, or apps will be completely safe or secure. For additional information on privacy, identity theft, and online security, please visit the U.S. Federal Trade Commission's website

Your Personal Data Choices

Personal Data Access

If you wish to review and/or request changes to certain personal data we have collected about you (such as your current contact information, username and password, or date of birth), you may do so by logging into your ARS account on American-rhinologic.org or the ARS meeting apps, or by contacting us as identified above. In some cases, you may also have a right to (i) request deletion of certain personal data or (ii) obtain a copy of such data in an accessible format. We will make reasonable attempts to comply with such requests where applicable, but may refuse requests where we are otherwise legally required to retain the data, or the requests are unreasonably repetitive, require disproportionate technical effort, risk the privacy of others, or are impractical.

Personal Data Sharing

If you would like to request that we no longer share personal data with ARS Service Providers and/or unaffiliated non-profit organizations, you may do so by completing our Privacy Opt-Out Formor by contacting us as identified above. If you make such a request, it will not prevent such third-parties from using any personal data we shared with them prior to completing the opt-out process, or any data they have collected directly from you or others.

ARS Communications

You may choose to opt-out of some or all future communications (mail, email, phone) from ARS. You can do so by completing our Privacy Opt-Out Form or by contacting us as identified above. For email, you can also opt-out by clicking on the “unsubscribe” links in the footer of our emails. (Please note that when opting-out of emails, you may still receive “transactional” emails, which contain information you specifically request or information related to your membership purchase or renewal.) For phone or text messages, you can also opt-out by following the contact instructions we provide in the phone call or replying “STOP” to any text message to which you’ve previously consented. We will honor your opt-out requests as soon as practical and as required by applicable law.

Disclosure in Chat Rooms or Forums

You should be aware that identifiable personal information--such as your name or e-mail address--that you voluntarily disclose and that is accessible to other users (e.g. on social media, forums, bulletin boards or in chat areas) could be collected and disclosed by others. The ARS cannot take any responsibility for such collection and disclosure.

Cookies

Most web browsers can be set to reject cookies or provide notice when cookies are placed on your device. Each browser is different, so check the "Help" menu of your browser to learn how to change your cookie preferences. Although it is up to you whether to accept cookies from our websites, if you reject cookies, certain functions on our sites may not work properly, and your ability to use some areas of the sites may be limited. It is also important to note that the opt-out mechanisms described in the Targeted Advertising section below generally rely on cookies to retain your opt-out preferences. So if you reject or erase cookies, your opt-out choices may not function properly.

Third-Party Analytics

Our analytics providers for websites and apps, primarily Google Analytics, may collect data points associated with your visits to our websites and use of our apps in order to assist us with analyzing and assessing our digital properties. You can, however, opt-out of certain data collection by these analytics providers. To learn more about Google Analytics and how to opt-out of their data collection, click here.

Location Data

We will request your permission before our apps access precise location data for your mobile device, generally when you first launch our apps. If you have previously consented to our app accessing precise location information, you may revoke that permission at any time through your device’s operating system location preference controls. You may also stop our access to precise location data by following the standard uninstall process to remove our apps from your device.

Contact Us

In addition to using the mechanisms described above, you may contact us at any time regarding these choices as follows:

We do not currently process or respond to “Do Not Track” signals from your browser. At this time previously described, we do not participate in online advertising networks administered by third parties, which may track your online activities over time and across third-party websites. However, the ARS may collect and use online activity data on our websites and in our apps for other purposes.

Links to Other Websites

Our websites and apps may provide links or automatically redirect you to third-party websites that are not controlled by ARS or governed by this Privacy Policy. For example, if you click on an advertisement or a link for a member benefit offered by a Service Provider, you may be redirected to a website operated by that provider. These third-party websites may collect personal data and other data from or about you. We are not responsible for the content or privacy practices of any website that we do not control, and your interactions with such websites are governed solely by the privacy policies of the entity operating the websites, not this Privacy Policy.

Social Media

If you are logged in to your social media account and if you use a “like” button or similar social media feature on our website or app, those social media companies may collect certain information about you, such as your IP address and which pages you visit on our websites or apps. These social media features are not operated by ARS. Your interactions with social media companies and the use of their features are governed by the privacy policies of the social media companies that provide those features, not this Privacy Policy.

US-Based Organization

ARS is headquartered in the United States and all of our data processing activities occur in the United States. Any personal data you provide to us, including through our websites and apps, will be transferred to, processed, and stored in the United States. By providing us your personal data or using our websites and apps, you acknowledge that the United States has standards for the processing and storage of personal data that may not be equivalent to (and may be less comprehensive than) those in the country where you reside and/or are a citizen, and you consent to our collection, transfer, processing, and storage of your personal data in the United States.

Children

Our websites and apps are not intended for use by children under the age of 18 and we do not knowingly collect personal data from such children. If a child under the age of 18 has provided us with personal data, we ask that a parent or guardian contact us so that the personal data can be deleted.

Your Rights

You have the right to make a written request to be informed whether or not we hold or process any of your personal information (by emailing [email protected]rican-rhinologic.org). In your written request, you may:

Request that we provide you with details of your personal information that we process, the purpose for which it is processed, the recipients of such information, the existence of any automated decision making involving your personal information, and what transfer safeguards we have in place;

Request that we rectify any errors in your personal information;

Request that we delete your personal information if our continued processing of such information is not justified;

Request that we transfer your personal information to a third party;

Object to automated decision-making and profiling based on legitimate interests or the performance of a task in the public interest (in which event the processing will cease except where there are compelling legitimate grounds, such as when the processing is necessary for the performance of a contract between us);

Object to direct marketing from us; and

Object to processing for purposes of scientific, historical research and statistics.

Where applicable under your local laws, we will not use your personal information for marketing purposes, nor disclose your information to any third parties, unless we have your prior consent, which we will seek before collecting your personal information. You can exercise your right to prevent such processing by checking certain boxes on the consent forms we use when collecting your personal information. If at any point you wish to review or change your preferences you can use the "opt-out" or unsubscribe mechanism or other means provided within the communications that you receive from us or by sending an email to [email protected] Note that you may still receive transactional communications from ARS as noted above.

Updates

We may update this Privacy Policy at any time and without prior notice by posting an updated Privacy Policy on our websites and in our apps. When we do so, we will revise the “last updated” date at the top of the Privacy Policy. If we make material changes in the way we use and/or share your personal data, we will attempt to notify you directly, such as by sending an email to the email address you most recently provided to us and/or by prominently posting notice of the changes on our websites and in our apps.

Recourse

Any comments, complaints or questions concerning this policy or complaints or objections about our use of your personal information should be addressed by directing your comments to [email protected]